Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/5056827E1D1711EB9918046AC4F9AE02.roa
File: 5056827E1D1711EB9918046AC4F9AE02.roa (raw, json)
Hash identifier: nWU6XTdSC8J1WjeMu+XQqxcze/9LJeinmviggvmDm6k=
Subject key identifier: 8E:09:47:67:C1:97:05:EE:EF:F0:57:F5:3D:34:25:5F:8A:40:0B:F8
Certificate issuer: /CN=A915B536/serialNumber=8210D43756654B10705D5AB3F37BF01A78B78C47
Certificate serial: 08E4
Authority key identifier: 82:10:D4:37:56:65:4B:10:70:5D:5A:B3:F3:7B:F0:1A:78:B7:8C:47
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ghDUN1ZlSxBwXVqz83vwGni3jEc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/5056827E1D1711EB9918046AC4F9AE02.roa
Signing time: Wed 08 Apr 2026 20:26:55 +0000
ROA not before: Wed 08 Apr 2026 20:26:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30133
IP address blocks: 103.11.221.0/24 maxlen: 24
202.41.140.0/24 maxlen: 24
202.41.142.0/24 maxlen: 24
202.41.143.0/24 maxlen: 24
202.41.144.0/24 maxlen: 24
202.41.146.0/24 maxlen: 24
203.119.16.0/24 maxlen: 24
203.119.17.0/24 maxlen: 24
203.119.19.0/24 maxlen: 24
203.119.20.0/24 maxlen: 24
203.119.51.0/24 maxlen: 24
203.119.57.0/24 maxlen: 24
203.119.79.0/24 maxlen: 24
2001:dd8:13::/48 maxlen: 48
2001:dd8:14::/48 maxlen: 48
2001:dd8:15::/48 maxlen: 48
2001:dd8:17::/48 maxlen: 48
2001:dd8:18::/48 maxlen: 48
2001:dd8:19::/48 maxlen: 48
2001:dd8:1a::/48 maxlen: 48
2001:dd8:1c::/48 maxlen: 48
2001:dd8:1d::/48 maxlen: 48
2001:dd8:1e::/48 maxlen: 48
2001:dd8:22::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/ghDUN1ZlSxBwXVqz83vwGni3jEc.crl
rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/ghDUN1ZlSxBwXVqz83vwGni3jEc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ghDUN1ZlSxBwXVqz83vwGni3jEc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 20:29:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2276 (0x8e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915B536, serialNumber=8210D43756654B10705D5AB3F37BF01A78B78C47
Validity
Not Before: Apr 8 20:26:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69d6ba0f-8b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:f9:ab:a0:7d:f9:13:24:af:01:49:56:1b:0c:
2e:e2:27:91:fa:2c:47:41:cc:c5:e6:4b:a7:2c:f7:
91:22:1f:c5:b7:31:21:b3:e0:33:22:3d:37:7e:d5:
62:2d:97:cb:cd:91:fb:d9:0c:79:82:49:71:f2:73:
df:e8:9b:8c:81:37:33:65:7e:a7:bf:c6:ce:77:58:
d2:fb:05:82:bf:8a:0f:d5:3a:a9:30:03:96:d4:f4:
7e:98:bf:84:45:15:32:74:cd:8b:47:8a:d4:3b:e2:
5c:7a:17:7e:af:14:68:e4:16:0a:16:8f:14:70:80:
16:20:c6:60:49:dd:60:cc:da:98:d0:d7:69:f1:6b:
9a:c7:2b:a6:bf:cb:df:e3:b7:24:3c:2b:a5:80:ef:
4a:d4:3d:b2:2a:ad:78:f1:12:05:d2:6c:58:45:11:
52:06:22:78:c1:19:bb:17:64:c1:db:8c:e1:69:27:
84:40:ee:b6:3b:01:77:ce:d3:3f:58:e4:15:4b:90:
06:de:7a:10:84:75:ea:ed:76:69:8a:37:7d:1d:71:
e7:f7:7b:ac:d3:1f:fe:6f:cb:d5:e2:77:a6:f5:6b:
db:40:d1:b0:72:fa:16:bf:a9:9b:e4:6e:0b:fa:c5:
30:78:24:39:60:aa:e6:98:b3:63:0d:d7:21:98:27:
94:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:09:47:67:C1:97:05:EE:EF:F0:57:F5:3D:34:25:5F:8A:40:0B:F8
X509v3 Authority Key Identifier:
keyid:82:10:D4:37:56:65:4B:10:70:5D:5A:B3:F3:7B:F0:1A:78:B7:8C:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/ghDUN1ZlSxBwXVqz83vwGni3jEc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ghDUN1ZlSxBwXVqz83vwGni3jEc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/5056827E1D1711EB9918046AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.11.221.0/24
202.41.140.0/24
202.41.142.0-202.41.144.255
202.41.146.0/24
203.119.16.0/23
203.119.19.0-203.119.20.255
203.119.51.0/24
203.119.57.0/24
203.119.79.0/24
IPv6:
2001:dd8:13::-2001:dd8:15:ffff:ffff:ffff:ffff:ffff
2001:dd8:17::-2001:dd8:1a:ffff:ffff:ffff:ffff:ffff
2001:dd8:1c::-2001:dd8:1e:ffff:ffff:ffff:ffff:ffff
2001:dd8:22::/48
Signature Algorithm: sha256WithRSAEncryption
9e:50:2a:74:fa:42:8e:de:a6:c4:8c:71:b7:dd:08:5d:6f:a3:
96:77:2e:57:7a:1f:ef:c2:fd:7a:3c:46:d4:00:0e:22:44:97:
70:ad:c9:4a:1d:b8:95:e9:a7:07:4b:bd:46:b7:7a:73:82:18:
7e:a6:8b:57:23:b9:76:66:ce:99:fb:cb:5d:a3:92:33:76:db:
df:b4:ab:bb:b4:c7:96:d6:b7:66:ab:20:c6:c3:e6:ea:b2:e0:
c2:a4:84:27:65:81:cd:0e:b5:ff:0c:8d:61:d5:38:29:6e:b1:
fb:a6:bb:b9:f4:fa:56:02:55:d5:d7:4c:98:62:80:ee:60:c9:
d4:c6:b0:5a:69:42:4e:03:8e:c9:91:66:5c:cd:6e:26:98:76:
3e:94:b9:03:ed:c1:4e:5e:4d:aa:a3:d7:c1:0a:27:ed:1b:85:
ea:e8:eb:69:50:36:37:35:1c:5b:23:77:97:61:63:15:70:00:
65:b6:4b:7d:e9:16:a1:2e:28:f2:e5:e7:e8:c2:01:86:49:79:
16:57:4b:16:29:6b:e0:a6:c6:53:ce:8d:95:03:45:2b:a7:f7:
2f:d0:aa:e6:7f:a5:e0:bc:73:bf:d4:70:43:f6:28:9c:f0:1d:
ab:ee:da:9e:c2:ca:8d:4a:da:aa:3b:bd:33:2e:f2:fd:29:d9:
20:70:82:ab
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgICCOQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUI1MzYxMTAvBgNVBAUTKDgyMTBENDM3NTY2NTRCMTA3MDVENUFCM0YzN0JGMDFB
NzhCNzhDNDcwHhcNMjYwNDA4MjAyNjU1WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQ2YmEwZi04YjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3PmroH35EySvAUlWGwwu4ieR+ixHQczF5kunLPeRIh/FtzEhs+AzIj03ftVi
LZfLzZH72Qx5gklx8nPf6JuMgTczZX6nv8bOd1jS+wWCv4oP1TqpMAOW1PR+mL+E
RRUydM2LR4rUO+Jcehd+rxRo5BYKFo8UcIAWIMZgSd1gzNqY0Ndp8Wuaxyumv8vf
47ckPCulgO9K1D2yKq148RIF0mxYRRFSBiJ4wRm7F2TB24zhaSeEQO62OwF3ztM/
WOQVS5AG3noQhHXq7XZpijd9HXHn93us0x/+b8vV4nem9WvbQNGwcvoWv6mb5G4L
+sUweCQ5YKrmmLNjDdchmCeUIwIDAQABo4IC8DCCAuwwHQYDVR0OBBYEFI4JR2fB
lwXu7/BX9T00JV+KQAv4MB8GA1UdIwQYMBaAFIIQ1DdWZUsQcF1as/N78Bp4t4xH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjUzNi9FNEM4ODk3MkVC
NzQxMUVBQkEwQTlFNDhDNEY5QUUwMi9naERVTjFabFN4QndYVnF6ODN2d0duaTNq
RWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2doRFVOMVpsU3hCd1hWcXo4M3Z3R25pM2pFYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUI1MzYvRTRDODg5NzJFQjc0MTFFQUJBMEE5RTQ4QzRGOUFFMDIvNTA1NjgyN0Ux
RDE3MTFFQjk5MTgwNDZBQzRGOUFFMDIucm9hMIGuBggrBgEFBQcBBwEB/wSBnjCB
mzBMBAIAATBGAwQAZwvdAwQAyimMMAwDBAHKKY4DBADKKZADBADKKZIDBAHLdxAw
DAMEAMt3EwMEAMt3FAMEAMt3MwMEAMt3OQMEAMt3TzBLBAIAAjBFMBIDBwAgAQ3Y
ABMDBwEgAQ3YABQwEgMHACABDdgAFwMHACABDdgAGjASAwcCIAEN2AAcAwcAIAEN
2AAeAwcAIAEN2AAiMA0GCSqGSIb3DQEBCwUAA4IBAQCeUCp0+kKO3qbEjHG33Qhd
b6OWdy5Xeh/vwv16PEbUAA4iRJdwrclKHbiV6acHS71Gt3pzghh+potXI7l2Zs6Z
+8tdo5IzdtvftKu7tMeW1rdmqyDGw+bqsuDCpIQnZYHNDrX/DI1h1TgpbrH7pru5
9PpWAlXV10yYYoDuYMnUxrBaaUJOA47JkWZczW4mmHY+lLkD7cFOXk2qo9fBCift
G4Xq6OtpUDY3NRxbI3eXYWMVcABltkt96RahLijy5efowgGGSXkWV0sWKWvgpsZT
zo2VA0Urp/cv0Krmf6XgvHO/1HBD9iic8B2r7tqewsqNStqqO70zLvL9KdkgcIKr
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:21:44 2026 by rpki-client